Tuesday, June 26, 2012


Helios Lite: Malware Scanner


Helios Lite is a stand-alone binary that can quickly scan a system for system service dispatch table (SSDT) hooks, hidden processes, hidden registry entries, and hidden files. Helios Lite uses a GUI program to communicate with its kernel-mode driver, helios.sys. Together, these two components can detect most rootkit hooking and hiding techniques.


Usage:

  • Click → Scan type, select hidden files.
  • Enable → Show all alternate data stream (ADS), click scan.
  • Click → Scan type, select hidden registry, hidden processes, SSDT hooks, click scan.
This is a very powerful tool for finding SSDT hooks.

